27 matches found
EUVD-2019-4625
Malware in sbrugna...
EUVD-2020-5394
Malware in sbrugna...
EUVD-2020-12811
Malware in sbrugna...
CVE-2020-20021
An issue discovered in MikroTik Router v6.46.3 and earlier allows attacker to cause denial of service via misconfiguration in the SSH daemon...
CVE-2020-13118
An issue was discovered in Mikrotik-Router-Monitoring-System through 2018-10-22. SQL Injection exists in checkcommunity.php via the parameter community...
CVE-2020-20021
An issue discovered in MikroTik Router v6.46.3 and earlier allows attacker to cause denial of service via misconfiguration in the SSH daemon...
CVE-2020-20021
An issue discovered in MikroTik Router v6.46.3 and earlier allows attacker to cause denial of service via misconfiguration in the SSH daemon...
CVE-2020-20021
An issue discovered in MikroTik Router v6.46.3 and earlier allows attacker to cause denial of service via misconfiguration in the SSH daemon...
Exploit for OS Command Injection in Control-Webpanel Webpanel
Docs Paper : https://docs.google.com/document/d/1rQ7e9i2AFzHbASf...
The vulnerability of the RouterOS operating system in MikroTik routers allows a hacker to cause a service failure.
The vulnerability of the RouterOS operating system for MikroTik routers lies in the fact that operations are performed outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to cause a service failure by sending a specially crafted SMB request...
CVE-2020-20220
Mikrotik RouterOs prior to stable 6.47 suffers from a memory corruption vulnerability in the /nova/bin/bfd process. An authenticated remote attacker can cause a Denial of Service NULL pointer dereference...
The vulnerability of the check_community.php file in the Mikrotik Router Monitoring System allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the checkcommunity.php file of the Mikrotik Router Monitoring System is related to the lack of protection for the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected...
Mikrotik Router Monitoring System 1.2.3 - (community) SQL Injection Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Mikrotik Router Monitoring System 1.2.3 - 'community' SQL Injection Exploit Author: jul10l1r4 Julio Lira Vendor Homepage: https://mikrotik.com Software Link: https://mikrotik.com/download Version: = 1.2.3 Tested on: Debian ...
CVE-2020-13118
An issue was discovered in Mikrotik-Router-Monitoring-System through 2018-10-22. SQL Injection exists in checkcommunity.php via the parameter community...
Mikrotik Router Monitoring System 1.2.3 SQL Injection
Exploit Title: Mikrotik Router Monitoring System 1.2.3 - 'community' SQL Injection Exploit Author: jul10l1r4 Julio Lira Google Dork: N/A Date: 2020-05-16 Vendor Homepage: https://mikrotik.com Software Link: https://mikrotik.com/download Version: = 1.2.3 Tested on: Debian 10 buster CVE: 2020-13118...
CVE-2020-10364
The SSH daemon on MikroTik routers through v6.44.3 could allow remote attackers to generate CPU activity, trigger refusal of new authorized connections, and cause a reboot via connect and write system calls, because of uncontrolled resource management...
Analysing the Attack Surface of an Industrial Data Acquisition Device
Introduction The Data Station Plus from Red Lion Controls was handed to me to analyse the attack surface. The device is designed to connect to SCADA data acquisition devices over Modbus, Profibus, etc. by Serial or Ethernet connection. Data is collected and recorded to a local compact flash card...
New Exploit for MikroTik Router WinBox Vulnerability Gives Full Root Access
A known vulnerability in MikroTik routers is potentially far more dangerous than previously thought. A cybersecurity researcher from Tenable Research has released a new proof-of-concept PoC RCE attack for an old directory traversal vulnerability that was found and patched within a day of its...
Chinese Hackers Carried Out Country-Level Watering Hole Attack
Cybersecurity researchers have uncovered an espionage campaign that has targeted a national data center of an unnamed central Asian country in order to conduct watering hole attacks. The campaign is believed to be active covertly since fall 2017 but was spotted in March by security researchers fr...
The vulnerability of the SMB service in the RouterOS operating system of MikroTik allows a hacker to execute arbitrary code.
The vulnerability of the SMB service in the RouterOS operating system from MikroTik arises from operations that go beyond the buffer limits in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...